Malicious apps on smartphones are nothing new today. With rapid adoption of smartphones across the globe, malwares are not really an ‘if’ anymore, it is more of a when. Google and Apple, the two largest ecosystem holders in the world, have done everything they can to prevent malwares from hitting their devices, but once in a while some things slip through.
Very recently, Bleeping Computer has reported that researchers have found a malware on the Google Play Store. For the record, this is not the first time this has happened. These are not Android-only incidents too, before you start bashing Google for their lack of concern over our safety and privacy. This time round though, it is an Android isolated incident.
The app in question is called ‘Craftsart Cartoon Photo Tools’. It is, in effect, malware disguised as a form of photo editing tool. As an app, it sounds quite fun. It allows you to upload an image and convert it into a cartoon artwork rendering of some sorts for you to upload to your social media for the fun of it. What comes with the app is not so fun.
Pradeo, a security firm, discovered that the app comes with a Trojan malware called ‘FaceStealer’. It is what it sounds like, an identity theft malware. But it is not just any identity that it wants, it wants your Facebook ID and password. When you open the app for the first time, the Trojan fires up and opens a Facebook login screen for you to enter your Facebook credentials before you can use the account, which sounds completely normal. You can read more about what the trojan does via Bleeping Computer or Pradeo’s blog.
According to the research in Pradeo, the developers have injected a small piece of malicious code within the app. It is small enough to slip past Google play Store’s security filters, but enough also to work. To ensure that it stays in the Google Play Store, the app has also been automatically repackaged so that it behaves like a regular legitimate app.
This goes without saying, if you have the app installed in your Android smartphone, delete it immediately. There are no mentions if there is an iPhone equivalent on this. You can assume that currently it is only affecting Android devices, since ‘FaceStealer’ is made specifically for Android devices. The ‘Craftsart Cartoon Photo Tools’ has since been taken down from Google Play Store, but not without over 100,000 downloads first.